Privacy Policy

Last updated: January 2025

1. Introduction

Workd ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our free mobile application and related services, including premium features available through in-app purchases.

2. Information We Collect

2.1 Account Information

When you create an account using Apple Sign In or other methods, we may collect name and email address (if provided), Apple ID identifier, profile information and preferences, and account credentials.

2.2 Fitness and Workout Data

We collect workout data, exercise history, fitness goals, progress tracking and performance metrics, workout preferences and settings, and imported workout content from social media and websites.

2.3 CloudKit/iCloud Data

Your workout data, routines, and progress are automatically synced to Apple's CloudKit service to enable seamless access across your devices. This includes all workout history, exercise routines, progress tracking, and app preferences.

2.4 Usage and Analytics Data

We automatically collect device information, app usage patterns, features accessed, interactions, performance data, crash reports, error logs, IP address and general location information (for security/fraud prevention and analytics only, not for advertising).

2.5 Payment and Subscription Data

For premium features, Apple processes all payments. We receive only minimal subscription status and entitlement information via StoreKit. We do not receive or store any payment card data.

3. How We Use Your Information

We use the collected information for: Providing Services (delivering workout features, tracking progress, enabling social interactions); Personalization (customizing workout recommendations and app experience); Content Processing (converting imported workouts into structured exercise plans); Progress Tracking (managing workout history and progress monitoring); Premium Features (managing subscriptions and access to paid features); App Improvement (analyzing usage patterns to enhance functionality); Support (providing customer service and technical support); Security (protecting against fraud and ensuring app security).

3.1 Health & Fitness Data Use

We do not use your workout or fitness-related information for advertising or marketing, do not sell it, and do not share it with third parties for advertising. We process this data only to deliver app features, sync across your devices, provide insights you request, ensure security, and improve the product.

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share information with your consent, with trusted service providers who assist in app operations, to comply with legal requirements, to protect our rights and safety, or in connection with business transfers.

4.1 Tracking and App Tracking Transparency

We do not track your activity across other companies' apps or websites, do not access the IDFA, and do not serve targeted advertising. Accordingly, we do not present Apple's App Tracking Transparency prompt.

5. Apple Sign In and Third-Party Services

Apple Sign In: When you use Apple Sign In, Apple provides us with a unique identifier and, if you choose to share it, your email address. We do not receive your actual Apple ID or password. Apple's privacy policy governs the information they collect and share.

CloudKit/iCloud Sync: Your data is stored in your private iCloud container via CloudKit and encrypted in transit and at rest by Apple. We do not access any other iCloud data. If you disable iCloud, cross-device sync stops. Deleting your account or specific data in the app removes corresponding CloudKit records (subject to backup retention noted in our Account Deletion section).

Social Media Integration: We only process content you explicitly select and upload. We do not log in to, scrape, or otherwise access your social media accounts. You are responsible for ensuring you have the rights to the content you upload.

6. Data Security and Protection

We implement appropriate technical and organizational measures to protect your personal information: Encryption of data in transit and at rest, secure authentication and access controls, regular security assessments and updates, limited access to personal information on a need-to-know basis, and secure data centers and cloud infrastructure.

7. Data Retention and Deletion

We retain your personal information for as long as necessary to provide our services and fulfill the purposes outlined in this policy. You may request deletion of your data at any time through the app settings or by contacting us. Deleted data will be permanently removed within 30 days.

7.1 Account Deletion

You can delete your account at any time in the app: Settings → Account → Delete Account. This permanently deletes your profile, workout data, routines, preferences, and associated CloudKit records within 30 days, except where retention is required for legal, security, or fraud-prevention purposes. Data in backups may persist for up to 90 days, after which it is purged.

8. Your Privacy Rights and Choices

You have the following rights regarding your personal information: Access (request a copy of your personal information), Correction (update or correct inaccurate information), Deletion (request deletion of your personal information), Portability (receive your data in a portable format), Opt-out (unsubscribe from marketing communications), and Data Processing (object to certain processing activities).

9. Children's Privacy

Age Requirement: Our App is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses and adequacy decisions where applicable.

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect and how we use it, and the right to opt-out of the sale of personal information. We do not "sell" or "share" personal information as defined by the CCPA/CPRA.

12. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR), including the right to erasure, data portability, and the right to lodge a complaint with a supervisory authority. Legal bases: performance of a contract (to provide the app/features), legitimate interests (to improve and secure our services), and consent (where applicable, e.g., marketing communications). EEA users may contact us to exercise rights or lodge a complaint with a supervisory authority.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes through the App, email, or other appropriate means. Your continued use of the App after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at: